29

The Unreal Engine project continues to develop - new code is added, and previously written code is changed. The inevitable consequence of the development in a project? The emergence of new bugs in the code that a programmer wants to identify as early as possible. One of the ways to reduce the number of errors is the use of the static analyzer, 'PVS-Studio'. If you care about code quality, this article is for you.

image

Although, we did it (https://www.unrealengine.com/blog/how-pvs-studio-team-improved-unreal-engines-code) two years ago, since that time we got more work to do regards code editing and improvement. It is always useful and interesting to look at the project code base after a two-year break. There are several reasons for this.

First, we were interested to look at false positives from the analyzer. This work helped us improve our tool as well, which would reduce the number of unnecessary messages. Fighting false positives is a constant task for any developer of code analyzers.

The codebase of Unreal Engine has significantly changed over the two years. Some fragments were added, some were removed, sometimes entire folders disappeared. That's why not all the parts of the code got sufficient attention, which means that there is some work for PVS-Studio.

The fact that the company uses static analysis tools shows the maturity of the project development cycle, and the care given to ensuring the reliability and safety of the code.

We won't be talking about all the errors that we found and fixed, We will highlight only those that deserve attention, to our mind.

Read more - https://www.unrealengine.com/en-US/blog/static-analysis-as-part-of-the-process

P.S. Those who are willing, may take a look at other errors in the pull request on Github. To access the source code, and a specified pull request, you must have access to the Unreal Engine repository on GitHub. To do this, you must have accounts on GitHub and EpicGames, which must be linked on the website unrealengine.com. After that, you need to accept the invitation to join the Epic Games community on GitHub.Instruction (https://www.unrealengine.com/ue4-on-github).
Kate Milovidova 27 june 2017, 12:50

image

A development team, working on a static analyzer, has already checked a game engine under Windows. In this check we used a Linux version and the result showed that there were a large number of serious errors. The article covers only the general analysis warnings and only “High” level of severity (there are also Medium and Low levels).
Sofia Fateeva 4 april 2017, 13:33

image

In this article we'll look at the main features of SonarQube - a platform for continuous analysis and measurement of code quality, and we'll also discuss advantages of the methods for code quality evaluation based on the SonarQube metrics.

SonarQube is an open source platform, designed for continuous analysis and measurement of code quality. SonarQube provides the following capabilities:
Kate Milovidova 16 november 2016, 12:13

image

One of the main problems with C++ is having a huge number of constructions whose behavior is undefined, or is just unexpected for a programmer. We often come across them when using our static analyzer on various projects. But, as we all know, the best thing is to detect errors at the compilation stage. Let's see which techniques in modern C++ help writing not only simple and clear code, but make it safer and more reliable.
What is Modern C++?

The term Modern C++ became very popular after the release of C++11. What does it mean? First of all, Modern C++ is a set of patterns and idioms that are designed to eliminate the downsides of good old "C with classes", that so many C++ programmers are used to, especially if they started programming in C. C++11 looks way more concise and understandable, which is very important.
Kate Milovidova 15 september 2016, 11:44

You are so lucky to be a programmer. I would like to be the programmer.
- Why do not you learn?
- I already tried. I checked out codeacademy and other websites, but it is not mine.
- Yep, the programming is not really for everyone.
- You are well paid, and you can create different things. Almost every day you get some crazy offers at least for 100 thousand dollars.
- Yep, honestly it's very flattering and a little mind-blowing.
- You get your share in the company and you know that the software engineers are always respected. You can implement any idea in the app and get rich. Moreover, you do not need to hire anyone for this.
- Actually, the programming makes me miserable.
- Wow. What do you mean by that?
- In order to be a good programmer, I need to develop a special mindset and that makes me sad. I noticed this in other programmers, of course, not all, but in many.
- What is this mindset?
- This is concentration on the strengths, and not on the weaknesses.
- Why do you need this to become a good coder?
- I work like this:
KlauS 28 may 2014, 15:11

image
Presently, the distance learning system has been developing all the time. There is no longer a problem to get a good education remotely. Online learning has several advantages, such as learning at own pace, freedom and flexibility, accessibility, and social equality. The Web offers a variety of services to help gaining new knowledge.
MeLavi 7 december 2012, 21:46

A couple years ago, I worked together with Ken Thompson on the interactive graphics language that was developed by Gerard Holzman in Bell Labs. I was typing quicker, therefore, I sat at the keypad, and Ken stood behind me. We worked quickly and when the compiler gave out an error, I started reflexively digging in a problem, studying the call stack, program output and launching a debugger, and so on. But Ken simply was standing nearby and thinking, ignoring me and a code, which we just wrote. Soon I noticed regularity that Ken often understood the problem faster than me and was saying, “I know, what is going on”. Usually, he was right. I understood that Ken built the mental model of a code, and when something was broken, it was the error in this model. He was thinking of how this problem could arise, so he explained what was wrong with model, or where our code could mirror this model incorrectly.
MeLavi 29 october 2012, 22:03

image

Today, I am going to talk about how you can hide the “spare" assembler commands in the regular code. This method is useful for complexity of disassembling the code, especially if the generation of "hidden" commands to automate. Tools: debugger - OllyDbg.
KlauS 2 august 2012, 11:11

Over a year ago one user of StackOverflow programming site asked for help concerning this issue. Namely, they have the employee with the last name Null at the firm. The problem is that because of his name falls a corporate search application, if the employee’s name will be used as search query (it has happened very often recently). Error:

<soapenv:Fault>
<faultcode>soapenv:Server.userException</faultcode>
<faultstring>coldfusion.xml.rpc.CFCInvocationException: [coldfusion.runtime.MissingArgumentException : The SEARCHSTRING parameter to the getFacultyNames function is required but was not passed in.]</faultstring>
Tags: humor, NaN, Null
MeLavi 12 may 2012, 5:49

I have little experience (summarily I have been working as a programmer nearly for 16 months), nevertheless, I would like to give some tips to myself in the past, or in other words, to those who are studding now at the university and planning to become a software developer. I do not have a claim on wisdom or experience on no account. While thinking a little, I understand that all these tips are very actual for me more than ever too. I published the first note in my blog last year, and now I am publishing here the list expanded with tips of the readers of this blog.

All tips are independent and their order does not matter.
KlauS 8 may 2012, 15:19
1 2